XSS Vulnerability in File Manager Module of Softaculous Webuzo
CVE-2013-6042

Currently unrated

Key Information:

Vendor: Softaculous
Status: Webuzo
Vendor: CVE Published:; 19 November 2013

What is CVE-2013-6042?

The File Manager module in Softaculous Webuzo prior to version 2.1.4 contains a cross-site scripting (XSS) vulnerability in the filemanager/login.php file. This flaw allows attackers to exploit the user parameter, enabling them to inject arbitrary web scripts or HTML content into the application. Such vulnerabilities can lead to sensitive data exposure and unauthorized actions being performed within the affected application.

References

http://osvdb.org/99203

vdb-entryx_refsource_OSVDB

http://www.softaculous.com/board/index.php?tid=4526&title...

x_refsource_CONFIRM

http://www.baesystemsdetica.com.au/Research/Advisories/We...

x_refsource_MISC

Timeline

Vulnerability published
Nov 19, 2013
Vulnerability Reserved
Oct 4, 2013